# yum -y install vsftpd -y
# yum -y install lftp -y
# cp /etc/vsftpd/vsftpd.conf{,.bak}
# useradd -s /sbin/nologin ftpuser
# echo "0*1sAl}~" | passwd --stdin ftpuser
注意: 这样设置口令会把明文留在 shell 历史记录里;文档中出现过的口令不应继续用于线上环境,实际部署时请换成自己生成的强口令。
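注意: 以下证书相关命令需在 /etc/vsftpd 目录下执行,这样证书才会位于后面配置引用的 /etc/vsftpd/.sslkey/vsftpd.pem;-nodes 生成的私钥未加密,只能靠后面的 chmod 400 限制读取。
# openssl req -new -x509 -nodes -out vsftpd.pem -keyout vsftpd.pem -days 3560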
# mkdir .sslkey
# mv vsftpd.pem .sslkey/
# chmod 400 .sslkey/vsftpd.pem
# touch /etc/vsftpd/chroot_list
# vim /etc/vsftpd/chroot_list
ftpuser
# mkdir /var/ftp/pub
# chmod -R o+w /var/ftp/pub/
注意: o+w 会让系统上所有本地用户都能写入该目录;如果只需要 ftpuser 写入,可以把目录属主改为 ftpuser(chown),不必开放 other 的写权限。
# vim /etc/vsftpd/vsftpd.conf
修改:
anonymous_enable=NO
local_enable=YES
新增:
local_root=/var/ftp/pub
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd/chroot_list
allow_writeable_chroot=YES
ssl_enable=YES
allow_anon_ssl=NO
force_local_data_ssl=YES
force_local_logins_ssl=YES
force_anon_logins_ssl=YES
force_anon_data_ssl=YES
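ssl_tlsv1=YES
ssl_sslv2=YES
ssl_sslv3=YES
require_ssl_reuse=NO
注意: SSLv2、SSLv3 已被证明不安全(如 DROWN、POODLE),TLS 1.0 也已被弃用;生产环境应将 ssl_sslv2、ssl_sslv3 设为 NO,并只启用所用 vsftpd 版本支持的较新 TLS 版本。
注意: require_ssl_reuse=NO 会关闭数据连接的 SSL 会话复用校验,通常只是为了兼容客户端;客户端支持时建议保持 YES。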
ssl_ciphers=HIGH
rsa_cert_file=/etc/vsftpd/.sslkey/vsftpd.pem
rsa_private_key_file=/etc/vsftpd/.sslkey/vsftpd.pem
pasv_enable=YES
pasv_min_port=30000
pasv_max_port=30100
pasv_promiscuous=YES
注意: pasv_promiscuous=YES 会关闭“数据连接必须与控制连接来自同一 IP”的安全检查,只应在确有需要(例如客户端经过 NAT 或代理)时开启。
# vim /etc/pam.d/vsftpd
注释如下:
#auth required pam_shells.so
# systemctl restart vsftpd
lftp 106.54.231.67 -u ftpuser,0*1sAl}~
lftp 49.232.170.20 -u ftpuser,0*1sAl}~
注意: 把口令直接写在命令行里会留在 shell 历史和进程列表中;可以只写 -u ftpuser,由 lftp 交互式提示输入口令。
Ftp客户端FileZilla连接时,传输模式选择“主动”